We have implemented a range of controls to ensure secure operations for our online services.
DDoS protection
We prioritize the security and reliability of our services. Realizing the disruptive nature of distributed denial of service (DDoS) attacks and the potential impact they can have on business operations, we have implemented robust DDoS protection measures to ensure uninterrupted access to our platform. With our advanced infrastructure and dedicated security protocols, we actively monitor and mitigate DDoS threats, assuring that customer experience with us remains secure, stable, and protected against the ever-evolving landscape of cyber threats.
IDS and IPS
We use intrusion detection system (IDS) and intrusion prevention system (IPS) to detect and prevent potential threats. IDS monitors network traffic for known attack signatures and alerts to suspicious activity. Meanwhile, IPS halts suspicious traffic, ensuring the integrity of our network.
Firewall and WAF
A firewall filters incoming and outgoing network traffic under. Acting as a protective barrier, it ensures that only non-threatening traffic is allowed. In addition, we use a web application firewall (WAF) to safeguard web applications from a range of potential attacks.
Encryption
We ensure data security through encryption, protecting data at rest, in transit, and during storing (document fingerprinting, checksums, hashes, and more). All data is encrypted with the state-of-the-art industry standards encryption methods like AES-256.
Security checks
We prioritize the ongoing security of our systems and applications. As part of our commitment to maintaining a strong security posture, we conduct regular security checks using a variety of techniques.
These regular security checks, including file hashing, URL hashing, and URL probing, are part of our comprehensive security strategy. With these techniques, we can identify and address security vulnerabilities proactively, thus safeguarding our systems and applications.
Customers security is paramount, so we continually maintain the highest standards to protect customer data and ensure a secure user experience.
Penetration tests
To ensure the uppermost security level of our services, we annually carry out penetration tests according to the OWASP reference standard. Also, we conduct regular penetration tests of the environment to check for security exposures.
External penetration tests simulate real-world attack scenarios to identify potential vulnerabilities and weaknesses. By subjecting our systems to rigorous testing, we can uncover any security gaps and address them before they can be exploited.
Conducting these external penetration tests annually, we stay ahead of evolving security threats and ensure that our security measures remain effective. It allows us to continuously enhance our security posture, apply necessary patches and updates, and implement additional safeguards where required.
The results of penetration tests provide insights and recommendations for improving our security measures. All findings are classified by criticality and managed by responsible teams. We take these findings seriously and promptly address any identified vulnerabilities or weaknesses, ensuring that customer data remains protected, and our services meet the highest security standards.
Our commitment to conducting annual external penetration tests reflects our dedication to providing our customers with a secure and reliable SaaS experience.
The results of penetration tests are available in the Confirmation of Security Assessment section on the Security compliance & certifications page.